By Chris Tuckness
Last year, it was reported that Russian hackers had stolen more than 1.5 billion username and password combinations. You might think your company is safe, but are you sure about that?
This breach is a huge exposure for small and large businesses alike. If that were the only event, it alone would be huge news. Yet there has been an average of about two major security breaches reported each month so far this year. These breaches put many things at risk, even if you think your network is tied down.
The first reason for this is that employees usually do more than work. They check their personal email, check social networks, surf the Internet, perhaps pay some online bills and much more. All of these things can potentially open up your network to a breach. All it takes is for one employee to click the wrong link or download the wrong attachment and your network can be opened up.
Cybercrimes and threats to personal information are constantly on the rise. A day does not go by that we can’t read about someone’s e-mail, business, bank or other online account being hacked. With hackers all around the world finding new ways of getting inside your personal online “space,” the need for a safer mechanism and new ways of protecting your information are at an all-time high.
Fortunately, there are some basic steps each of us can take to ensure that our information is more secure. The first and most important step in this regard is properly protecting your passwords.
We may think that the passwords we choose are relatively safe and difficult to crack, but this belief is far from the truth. With such a huge amount of risk, how do we guarantee that our passwords are secure and our personal information is safe? Here is a list of a seven simple steps:
- Always include numbers, special characters, upper and lower case letters in your password — A good combination of these will ensure that your password remains confusing and harder to crack, especially if there is no obvious meaning to the letters and numbers you use.
- Go to the MAX — Lots of people suggest a recommended length for passwords. Why not just use the maximum characters that the website will support. Many websites have maximum password characters over 40!
- Do not include important dates or names in your password — Try not to include any dates that may hold importance in your life in your passwords. Also, stay clear of obvious names like your spouse, pet, child, sibling or parents.
- Do not repeat your passwords — Make sure your new password is always different from your last five passwords. Always keep switching between the combinations in your passwords.
- Do not share or write down your passwords — This is probably the most common mistake that we make. Never share your passwords even with the closest of your friends or family. You never know how much harm a slip of tongue can do!
- Be careful while accessing your important accounts on public computers — Try to never to access your bank or other important accounts on public computers or Internet cafes. If you have no other option, make sure the browser does not have cookies and that the password saving setting it OFF. After accessing your account, clear the cache and cookies in the browser. Once you have accessed your bank account, reset your password from a secure computer using secure non-public Internet access.
- Different passwords for different accounts — Never keep the same password for more than one account. In case one of your accounts gets compromised, your other ones will still be safe.
Furthermore, you have to be aware of security threats from the inside-out, outside-in, the outside-out and the inside-in.
- Inside-Out — Employees are one of the greatest security risks for a business. With the advent of BYOD (bring your own device) in the workplace as well as app-sprawl, the line between business data and personal data is being blurred, and security holes are being opened up. Unknowingly, employees could leak information to individuals outside of the organization that could compromise your clients or your company.
- Outside-In — The second biggest security risk is when a hacker targets your systems to gain access to important information for various purposes.
- Outside-Out — Recent events have taken places where hackers gained access to client information, and then used a companies own systems to send out attacks targeted at the company’s clients.
- Inside-In – Without proper security protocols inside a company, line employees could have access to HR records, financial information and client data that could cause disruptions and liability. No business owner wants to have to deal with employees sharing personal information or gossiping with other employees about private matters they have learned about because of insecure systems and protocols.
In closing, we unfortunately live in a society where cyber risk is a very real situation. As the “bad guys” continue to get smarter about getting our information, we have to do our best to stay ahead of them. Simple steps include items outlined in this article, as well as having policies within your company about cybersecurity, using an IT company that understands issues and, finally, using common sense. Although there are no guarantees against preventing cyber-attacks, you are guaranteed to get hit if you don’t have a good plan.
Chris Tuckness is director of marketing and communications with JMARK Business Solutions, Inc. (www.jmark.com).